[Debian] BIND9 and Custom Name Servers

BIND (/ˈbaɪnd/), or named (/ˈneɪmdiː/), is the most widely used DNS software on the Internet. On Unix-like operating systems it is the de facto standard.

Installation on Ubuntu/Debian

For the most part a Linux VPS will come with bind9 (named) already installed. If you do not have it installed, or have removed the package, you can install it with the following command:

apt-get install bind9

With the service installed we should, for security purposes, configure it to run in a chroot environment.

Stop the bind service.

/etc/init.d/bind9 stop

Edit the daemon file

vi /etc/default/bind9

change the following line from

OPTIONS="-u bind"

to

OPTIONS="-u bind -t /var/lib/named"

Now we need to edit the startup script so the service will run as the unprivileged user "nobody":

vi /etc/init.d/bind9

edit the following line

OPTIONS="-u bind"

to

OPTIONS="-u nobody -t /var/lib/named"

We now create the necessary directories under /var/lib:

mkdir -p /var/lib/named/etc

mkdir /var/lib/named/dev

mkdir -p /var/lib/named/var/cache/bind

mkdir -p /var/lib/named/var/run/bind/run

Then move the config directory from /etc to /var/lib/named/etc:

mv /etc/bind /var/lib/named/etc

Create a symlink to the new config directory from the old location (to avoid problems when bind is upgraded in the future):

ln -s /var/lib/named/etc/bind /etc/bind

Make null and random devices, and fix permissions of the directories:

mknod /var/lib/named/dev/null c 1 3

mknod /var/lib/named/dev/random c 1 8

chmod 666 /var/lib/named/dev/null /var/lib/named/dev/random

chown -R bind:bind /var/lib/named/var/*

chown -R bind:bind /var/lib/named/etc/bind

Logging: finally we need to edit the startup file for sysklogd so that it logs important messages relating to bind9. Because the daemon is chrooted it can only reach a syslog socket that exists inside the chroot, which is what the extra -a path below provides.

vi /etc/init.d/sysklogd

modify the following line

SYSLOGD=""

to

SYSLOGD="-a /var/lib/named/dev/log"
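Before restarting the service it is worth checking that the chroot actually matches what the steps above set out to build, because a missing device node or a forgotten -t in OPTIONS fails silently until named refuses to start or, worse, runs unconfined. The following check script is an added example, not part of the original guide; it assumes the chroot root is /var/lib/named and the OPTIONS line lives in /etc/default/bind9, both taken from the guide, and lets you override them for testing.

```shell
#!/bin/sh
# Added example, not part of the original guide: sanity-check the BIND9 chroot
# built by the steps above before restarting named.
# Arguments (assumptions of this script): ROOT is the chroot directory (the
# guide uses /var/lib/named) and DEFAULTS is the file carrying the OPTIONS line
# (the guide edits /etc/default/bind9).
check_bind_chroot() {
    root="${1:-/var/lib/named}"
    defaults="${2:-/etc/default/bind9}"
    failures=0

    # Directories the guide creates with mkdir; named will not start without them.
    for d in etc/bind dev var/cache/bind var/run/bind/run; do
        if [ ! -d "$root/$d" ]; then
            echo "MISSING DIR: $root/$d"
            failures=$((failures + 1))
        fi
    done

    # The mknod'ed /dev/null and /dev/random must be character devices with
    # mode 666, otherwise named inside the chroot cannot seed its RNG or
    # discard output.
    for dev in null random; do
        path="$root/dev/$dev"
        if [ ! -c "$path" ]; then
            echo "NOT A CHAR DEVICE: $path"
            failures=$((failures + 1))
        elif [ "$(stat -c %a "$path")" != 666 ]; then
            echo "WRONG MODE (want 666): $path"
            failures=$((failures + 1))
        fi
    done

    # The moved config directory must belong to the bind user (chown -R bind:bind).
    if [ -d "$root/etc/bind" ] && [ "$(stat -c %U "$root/etc/bind")" != bind ]; then
        echo "WRONG OWNER (want bind): $root/etc/bind"
        failures=$((failures + 1))
    fi

    # The OPTIONS line must carry "-t ROOT"; without it named runs outside the
    # chroot even though the directory tree exists.
    if ! grep -q "^OPTIONS=.*-t[[:space:]]*$root" "$defaults" 2>/dev/null; then
        echo "OPTIONS IN $defaults DOES NOT CHROOT TO $root"
        failures=$((failures + 1))
    fi

    echo "$failures problem(s) found"
    [ "$failures" -eq 0 ]
}

# Run as e.g. ./check-chroot.sh /var/lib/named /etc/default/bind9 on the host.
if [ $# -gt 0 ]; then
    check_bind_chroot "$@"
fi
```

The script exits non-zero when anything is wrong, so it can sit in front of the restart step (`./check-chroot.sh /var/lib/named && /etc/init.d/bind9 restart`). The owner check only looks at the config directory; if you follow the guide's later step of running as "nobody", extend it to whichever user the OPTIONS line names.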

Finally it's time to create your first zone file. You will need to edit named.conf.default-zones:

vi /etc/bind/named.conf.default-zones

Add your zone:

zone "yourdomain.com" {
    type master;
    file "/etc/bind/zones/db.yourdomain.com";
};

Save the file. Now we need to make the zones folder:

mkdir /etc/bind/zones

Copy the default or local zone file or create a new zone file.

cp /etc/bind/db.local /etc/bind/zones/db.yourdomain.com

Open and edit the zone file:

vi /etc/bind/zones/db.yourdomain.com

Enter the following and modify the records as needed:

;
; BIND data file for yourdomain.com (copied from db.local; edit the records below)
;
$TTL 3600
@ IN SOA yourdomain.com. root.yourdomain.com. (
        2013061801 ; Serial
        604800 ; Refresh
        86400 ; Retry
        2419200 ; Expire
        604800 ) ; Negative Cache TTL
;
@ IN A 1.1.1.1
yourdomain.com. IN NS ns1.yourdomain.com.
yourdomain.com. IN NS ns2.yourdomain.com.
www IN A 1.1.1.1
ns1 IN A 1.1.1.1
ns2 IN A 1.1.1.1
@ IN AAAA ::1 ; loopback address left over from db.local; replace with your IPv6 address or remove
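Every later edit to this zone must come with a higher SOA serial, because secondary servers only transfer a zone whose serial is greater than the copy they hold; an edit without a serial bump is the usual reason a change "never propagates". The following helper is an added example, not part of the original guide: it bumps a serial written in the YYYYMMDDnn style used above and then validates the zone with named-checkzone (a standard BIND tool) when it is installed. The script name and argument order are assumptions.

```shell
#!/bin/sh
# Added example, not part of the original guide: bump the SOA serial of a zone
# file in YYYYMMDDnn form and validate the zone with named-checkzone.

# Print the serial that should follow CURRENT on the day TODAY (YYYYMMDD):
# the larger of CURRENT+1 and TODAY01. The date is a parameter so the rule
# can be exercised without the system clock.
next_serial() {
    current="$1"
    today="$2"
    if [ "$current" -lt "${today}01" ]; then
        echo "${today}01"
    else
        echo $((current + 1))
    fi
}

# Rewrite the "<number> ; Serial" line of ZONEFILE in place and print the new
# serial. DATE defaults to today.
bump_serial() {
    zonefile="$1"
    today="${2:-$(date +%Y%m%d)}"
    current=$(awk '/; *Serial/ { print $1; exit }' "$zonefile")
    case "$current" in
        ''|*[!0-9]*)
            echo "no numeric '; Serial' line found in $zonefile" >&2
            return 1 ;;
    esac
    new=$(next_serial "$current" "$today")
    tmp="$zonefile.tmp.$$"
    awk -v old="$current" -v new="$new" '
        !done && /; *Serial/ && $1 == old { sub(old, new); done = 1 }
        { print }' "$zonefile" > "$tmp" && mv "$tmp" "$zonefile"
    echo "$new"
}

# Validate ORIGIN/ZONEFILE with named-checkzone when available; it catches the
# classic mistakes (a missing trailing dot on the SOA mailbox, bad record
# syntax) before named reloads the zone. Returns 0 when the check passes or
# had to be skipped.
check_zone() {
    origin="$1"
    zonefile="$2"
    if command -v named-checkzone >/dev/null 2>&1; then
        named-checkzone "$origin" "$zonefile"
    else
        echo "named-checkzone not installed; skipping syntax check of $zonefile" >&2
    fi
}

# Usage: ./bump-zone.sh yourdomain.com /etc/bind/zones/db.yourdomain.com
if [ $# -eq 2 ]; then
    bump_serial "$2" && check_zone "$1" "$2"
fi
```

Run it after each edit and before the restart; a serial that goes backwards (for example after restoring an older copy of the file) is something named-checkzone will not flag, which is why the script computes the new value from the current one rather than from the date alone.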

Finally we need to create the rDNS (reverse DNS) entry for the domain. Edit the named.conf.default-zones file:

vi /etc/bind/named.conf.default-zones

Enter the following:

zone "1.1.1.1.in-addr.arpa" {
    type master;
    file "1.1.1.1.in-addr.arpa.zone";
};

Note: you will need to change 1.1.1.1 to your IP address with its octets in reverse order, e.g. if your IP address is 123.56.89.89 the reverse zone name would be 89.89.56.123.in-addr.arpa.
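The guide gives the zone name but not the contents of the reverse zone file, so the following is an added example (not part of the original guide) that derives the in-addr.arpa name exactly as the note above describes, writes a minimal reverse zone with the matching PTR record, and prints the named.conf stanza for it. The name server and mailbox names mirror the forward zone above; the script name, the serial value and the output path are assumptions.

```shell
#!/bin/sh
# Added example, not part of the original guide: build the reverse (PTR) zone
# for a single IPv4 address.

# Print the reverse-lookup zone name for a dotted-quad IPv4 address,
# e.g. reverse_arpa 123.56.89.89 -> 89.89.56.123.in-addr.arpa
reverse_arpa() {
    ip="$1"
    old_ifs="$IFS"
    IFS=.
    set -- $ip            # split on dots into $1..$4 (local to this function)
    IFS="$old_ifs"
    if [ $# -ne 4 ]; then
        echo "not a dotted-quad IPv4 address: $ip" >&2
        return 1
    fi
    for octet in "$1" "$2" "$3" "$4"; do
        case "$octet" in
            ''|*[!0-9]*) echo "bad octet '$octet' in $ip" >&2; return 1 ;;
        esac
        if [ "$octet" -gt 255 ]; then
            echo "octet $octet out of range in $ip" >&2
            return 1
        fi
    done
    echo "$4.$3.$2.$1.in-addr.arpa"
}

# Write a reverse zone for IP that maps it back to HOST (e.g. yourdomain.com)
# into OUTFILE and print the zone name. SERIAL defaults to today's date
# followed by 01, matching the YYYYMMDDnn style of the forward zone.
write_reverse_zone() {
    ip="$1"
    host="$2"
    outfile="$3"
    serial="${4:-$(date +%Y%m%d)01}"
    zone=$(reverse_arpa "$ip") || return 1
    cat > "$outfile" <<EOF
; Reverse zone for $ip ($zone), pointing back to $host
\$TTL 3600
@ IN SOA ns1.$host. root.$host. (
        $serial ; Serial
        604800 ; Refresh
        86400 ; Retry
        2419200 ; Expire
        604800 ) ; Negative Cache TTL
;
@ IN NS ns1.$host.
@ IN NS ns2.$host.
; The zone covers exactly one address, so its PTR record sits at the apex (@).
@ IN PTR $host.
EOF
    echo "$zone"
}

# Print the named.conf stanza for the reverse zone; ZONEFILE is the path named
# should load (note the space between "zone" and the quoted name).
reverse_zone_stanza() {
    zone=$(reverse_arpa "$1") || return 1
    printf 'zone "%s" {\n    type master;\n    file "%s";\n};\n' "$zone" "$2"
}

# Usage: ./make-reverse.sh 123.56.89.89 yourdomain.com /etc/bind/zones/db.89.89.56.123.in-addr.arpa
if [ $# -eq 3 ]; then
    write_reverse_zone "$1" "$2" "$3" >/dev/null && reverse_zone_stanza "$1" "$3"
fi
```

One caveat worth knowing before relying on this: the in-addr.arpa tree is delegated from whoever holds the address block, which for a VPS is normally the hosting provider, so this zone only answers reverse queries from the Internet at large if the provider delegates the name to your server (or sets the PTR record for you in their own zone). Until then it serves only clients that query your server directly.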

Now that you have completed this, save the file and then restart bind:

/etc/init.d/bind9 restart

Registering your private name servers

Each registrar is different; we have a list of how-to videos at the following link: http://myhosting.com/vps-guide/# (expand "DNS & FTP/SSH" and "Server Management" and watch your registrar's respective video).